Biometrics
Biometrics are local device authentication. The host may use face recognition, fingerprint, iris, or the device credential fallback. The result says the current device user passed the local policy; it is not a server identity proof.
This reference is for the exact API shape. If you are wiring the feature into an app for the first time, start with the Biometrics guide, then return here when you need operation names, request types, provider contracts, or platform configuration details.
Public API
| |
|---|
Effect helper or entrypoint | |
Provider trait or host contract | |
Test provider or test entrypoint | |
| BiometricAuthenticateRequest |
| BiometricAvailability / BiometricAuthenticateResult |
| |
| |
Operations
| | | |
|---|
| Query support, enrollment, available modalities, and credential fallback. | | |
| Show a local authentication prompt. | BiometricAuthenticateRequest | BiometricAuthenticateResult |
| Cancel the active prompt where the host permits it. | | |
Provider contract
Register a BiometricHost with .with_biometric_host(...). Use MemoryBiometricHost for tests. A real host should distinguish unsupported hardware, no enrollment, cancellation, denied permission, and failed verification.
Providers should return typed errors for unsupported operations, denied permissions, unavailable hardware, cancellation, timeouts, and platform policy restrictions. Silent success is not acceptable because reducers need a truthful result to update state and explain what happened.
The CLI adds Android biometric permissions and the iOS Face ID usage string. macOS and Windows support local authentication through host providers. Web fingerprint prompts are normally passkeys/WebAuthn rather than raw biometric access.
When a CLI value exists, fission add-capability <value> --project-dir . records the capability in fission.toml and updates generated target files where Fission can do that deterministically. Android generated configuration lives in platforms/android/AndroidManifest.xml. iOS generated configuration lives in platforms/ios/Info.plist and platforms/ios/Entitlements.plist when entitlements are required. Desktop package metadata is reviewed during packaging because Windows, macOS, and Linux use different permission and distribution systems.
Runtime behavior
Capability calls are queued from reducers through ctx.effects. The active shell resolves the request with the registered provider and then dispatches the configured success or error action. Missing providers should produce typed unsupported errors. Packaging mistakes usually show up as denied permissions, missing entitlements, missing route registration, or provider-specific failures.
Related pages